Jump to content

PHP Redirect after Processing Form

AKalair

By AKalair
in PHP Coding Help

 Share

Recommended Posts

AKalair Member

AKalair

Posted
Posted

Hi guys,

Still working on my login form thingy and I'm having another issue. I want to auto redirect the people if they log in successfully but when I use

 

header( 'Location: http://www.thegamerspad.com/members.php' ) ;

 

I get an error.

 

<? 

if (!$dbcnx) {
  echo( "<P>Unable to connect to the " .
        "database server at this time.</P>" );
  exit();
}


$query = "SELECT username FROM users WHERE username = '{$_POST['username']}'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$user = mysql_num_rows($result);




if ($user == 1 ) {

$queryo = "SELECT password FROM users WHERE password = '{$_POST['password']}'";
$resulto = mysql_query($queryo);
$rowo = mysql_fetch_assoc($resulto);
$usero = mysql_num_rows($resulto);

}

if ($usero == 1) {
session_start();
$_SESSION['auth'] = 1; 

header( 'Location: http://www.thegamerspad.com/members.php' ) ;
}


else
{
echo "Invalid Sorry";
}



?>

 

This is the error message

 

Warning: Cannot modify header information - headers already sent by (output started at /home/thegamer/public_html/PHP/login2.php:34) in /home/thegamer/public_html/PHP/login2.php on line 36

Any ideas thanks

Link to comment
https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/
Share on other sites
FVxSF Member

FVxSF

Posted
Posted

Take a look where you placed session_start(). This might be the cause. All way stick session_start() at the top of the file. right after <?php

 

See if that helps.

 

 

 

Also. When you post mysql_connect() leave out the DB username and password. Don't want peps to hack yer site ;)

jonsjava Member

jonsjava

Posted
Posted

white spaces could be the problem as well:

<?php
session_start();
if (!$dbcnx) {
echo "<P>Unable to connect to the database server at this time.</P>";
exit();
}
$query = "SELECT username FROM users WHERE username = '{$_POST['username']}'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$user = mysql_num_rows($result);
if ($user == 1) {
$queryo = "SELECT password FROM users WHERE password = '{$_POST['password']}'";
$resulto = mysql_query($queryo);
$rowo = mysql_fetch_assoc($resulto);
$usero = mysql_num_rows($resulto);
}
if ($usero == 1) {
$_SESSION['auth'] = 1;
header( 'Location: http://www.thegamerspad.com/members.php' ) ;
}
else
{
echo "Invalid Sorry";
}
?>

slapdashgrim Member

slapdashgrim

Posted
Posted

I need session start there though as I only want them logged in if they get the username and password right.

the session can start at the begining.

but just set the session variable where it is now.

session_start should always be the first thing after <?php

FVxSF Member

FVxSF

Posted
Posted

I need session start there though as I only want them logged in if they get the username and password right.

 

**Not no to slapdashgrim, he beat me to the post**

 

No, SESSIONS are used for many things. They are used to track guests, page views, you can log how long people are staying at your site, security tokens, user authentication and more.

 

When I work on my app that users inter act with, I use the session to store their User ID, User Name, Login Time, Their Power level (then match with DB) and a few other things if needed.

 

So if the user is not logged in, you can create a variable say UserLoggedIn and have it equal FALSE if they are not or TRUE if they are. This also adds a little more security.

jonsjava Member

jonsjava

Posted
Posted

decided to clean up the code some more (to make it run faster):

<?php
session_start();
if (!$dbcnx) {
echo "<P>Unable to connect to the database server at this time.</P>";
exit();
}
if (isset($_POST['username']) && isset($_POST['password'])){
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$query = "SELECT `username` FROM `users` WHERE `username` = '$username' AND `password`='$password' LIMIT 1;";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$user = mysql_num_rows($result);
if ($user == 1) {
	$_SESSION['auth'] = 1;
	$_SESSION['username'] = $username;
	header('Location: http://www.thegamerspad.com/members.php');
}
else
{
	echo "Invalid Sorry";
}
}
else
{
echo "You Did Not Enter a Username/Password";
}
?>

jonsjava Member

jonsjava

Posted
Posted

So if the user is not logged in, you can create a variable say UserLoggedIn and have it equal FALSE if they are not or TRUE if they are. This also adds a little more security.

you don't need to create the variable, until it is true.

this way, you can say:

<?php
if ($_SESSION['is_logged_in']){
//bleh
}
else{
//blah
}
?>

if a variable has a value, it is taken to be true. If it doesn't, it's taken as false

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.